Equnix Business Solutions | an Open Source and Open Mind Company Webinar | Equnix Business Solutions

Data-in-use Encryption on Oracle and PostgreSQL

Wednesday, November 25th 2020
2.30 PM-5.00 PM (GMT+7)
Speakers will present at 3.00 PM

Data-in-use Encryption on Oracle and PostgreSQL

smaple image

RDBMS has the ultimate function to store data from Applications, in a very fast manner yet durable. Data Integrity guarantee is the great purpose of Database Server, the other one is to control who can write and read. RDBMS implementing ACL, Role-based access, and others.

One of the greatest challenges in Data Management is storing very confidential data, so not even anyone can read it unless the owner of the data or the one who has given it.

There are many options for data in-store encryption, while there are very limited choices for us to have Data-at-rest and Data-in-use (in-memory) encryption.

This time, we bring the Principal from Korea, presenting their great solution for highly confidential data encryption on PostgreSQL and Oracle. This is One-of-a-kind solution that is definitely needed by Financial related Industries.

We prepare gifts for 6 lucky participants and voucher for 50 early registrants who attend and submit the satisfaction survey form at the end of the event.

If you are wondering with the answers of questions below:

  1. 1

    How does CubeOne become your solution to encrypt confidential data end-to-end?

  2. 2

    What is the meaning of Data at-rest & Data in-use encryption?

  3. 3

    Why is CubeOne a better solution compared to Oracle TDE?

  4. 4

    Any other question you may ask the Speaker about this technology, is this able to help Us to solve our confusion?

Join us to hear from experts

Agenda:

In this session, our Experts will explain in-depth knowledge about how CubeOne can help to encrypt confidential data end to end and prevent the data leaks. Any other question you may ask the Speaker about this technology, is this able to help Us to solve our confusion?

  1. Registration

  2. Opening Webinar

  3. CubeOne Presentation

  4. Live Demo!

  5. QnA & Polling

  6. Quiz & Giveaway

Another Webinar

Webinar Material

Video title

Frequently Asked Questions

Got a question? We've got answers. If you have some other questions, see our support center.

PostgreSQL also has strong data security modules, like for example using pgcrypto for encrypting the data, or using row-level security to manage the access from unauthorized access. And by implementing Cubeone the column-level encryption also has stronger and more sophisticated data protection.
2 things, security and speed. For Security, CubeOne supports the data in use, so all the datas in the memory are encrypted. And for Speed, we have encrypted indexes as well, so CubeOne is very speedy for index search.
As mentioned before, CubeOne doesn't need any specific hardware, CubeOne is installed on your Server and there is no specific requirement for the installation. CubeOne supports Linux, Windows and others. For your information CubeOne is a plugin/extension for the database and if you want to implement it, then you can use the same requirement/hardware resources.
There is no degradation when implementing CubeOne. There is little performance impact for the encryption, but not really significant.
It is possible
Well when the data is encrypted, then the data size will increase. But it depends on the situation, usually it increases up to 30%.
Unfortunately, not. We do not issue full or partial refunds for any reason.
As mentioned before, CubeOne doesn't need specific hardware, CubeOne is installed on your Server and there is no requirement for the installation. CubeOne supports Linux, Windows and Others. For your information CubeOne is a plugin/extension for the database and if you want to implement it, then you can use the same requirement/hardware resources.
CubeOne has modules as plugin, and modules as API. Yes, you can use CubeOne API to encrypt/decrypt the data and store the encrypted data on the Database Cloud services.
There is some constraint using plugins in the cloud. The plugin must install on the server, that means we can access that server. If in the cloud we can use the server like on premise. At the time we can install the plugin in the server on the cloud using CubeOne API so the encrypted data will be saved on the cloud server.
For data encryption, it is recommended to use Asymmetric Encryption Algorithm for data itself. For example AES256, 3DES and SHA256. As for CubeOne, Symmetric Algorithm is for communication between the CubeOne Manager to Database to synchronize the settings and secret keys.
Yes, there is a CubeOne API to implement encryption on NoSQL Database. But for CubeOne Plugin it can only be implemented on the RDBMS.
You can directly delete the data and you don’t have to do anything related to the encryption. For your information, the end user didn't know the datas was encrypted.
For implementing CubeOne in production, there are some code changes for DML (insert, update, delete) that should be modified to apply the function and that is the constraint by using CubeOne.
CubeOne manager isn't related to the application. CubeOne managers like only to manage the access list for the users, create and synchronize the policy.
In CubeOne, there is key management for encrypting and decrypting the data. The CubeOne manager will synchronize not only the policy but also the key to the database server and that process managed by CubeOne.
On CubeOne column level, all the data is encrypted. Every TDE is the same, Postgres TDE only protects the store data (data at-rest encrypted) but when load data into memory all the data is clear text.
CubeOne has several advantages, such as:
  • CubeOne is column level at data in use encryption which cannot be found in other technology either Oracle or any other vendor.
  • By Using CubeOne, we are not using all the capacity of the CPU to encrypt and decrypt the data. So it is more efficient because we don't encrypt all of the data then it would be saving the CPU resource.
  • And the other advantage is CubeOne can enable SSM by using some technology for connecting communication end to end users.
Yes, It is. CubeOne can be used on the cloud, for example Amazon, Azure and etc.
For implementing CubeOne in production, there are some code changes for DML (insert, update, delete) that should be modified to apply the function and that is the constraint by using CubeOne.
It is a perpetual license and there is yearly technical support which is 15% and the price based on the number of the core. For more pricing schema, please send the question into our email marketing@equnix.asia.
We have 2 products, they are CubeOne Plugin and CubeOne API. CubeOne Plugin installed in the database server, so CubeOne Plugin supports RDBMS. CubeOne also supports Hadoop with the CubeOne API.
For Updates CubeOne Plugin, it was only a small change. We will send the patch if there is so, and no need to restart the server.
CubeOne Manager is enabled for Windows PC only. But CubeOne Plugin can serve in multi OS Platform. CubeOne Manager is only used for synchronizing the key and policy configuration to the server. Then the CubeOne plugin on the server is independent with CubeOne Manager.
For the initial encryption, it depends on the data size. For example for the small table within 10 seconds. And for big data, it could take 2 hours or more. For implementing CubeOne on production, we should test all of things, because it is database encryption procedures.
CubeOne supports almost all databases, such as Postgres, Oracle, DB2, and another kind of OLTP. CubeOne supports encryption on almost all data types. It can also encrypt/decrypt hundreds of million or billion datas.
There is no data size limitation or database limitation in CubeOne, the limitation is only applied to database restriction.
Actually we do not know about the update mechanism you mentioned by executing the function. Assuming that by creating another column you mean update a value on other column when updating, actually the update process will create another row, even if you update only 1 column. Since you have a highly updated table, then it is recommended to do routine VACUUM to remove dead tuples, and apply index on the where clause columns.

We would also like to announce that PGConf Asia is back, China will be the host!

smaple image

PostgreSQL Conference Asia 2020 will be transformed into a virtual conference and also offline event. This is going to be a different yet interesting PostgreSQL Conference for all of the business and professional community of PostgreSQL, this time would be a more fun and richer background of the audiences.

We expect this would be a great hub between technical advancement in PostgreSQL combined with Corporation Business Users. The event would be conducted in an easy talk while chilling in to get more inspirations, from the business side as well as technical perspective.

Do join us and contribute to this event as:

Attendees

Speakers

Sponsors

For more information, kindly access: https://postgresconf.org/conferences/AsiaChina2020 or https://2020.pgconf.asia/